IT Support, Oxford, London & Reading

We look after your IT so you don't have to

Password security post Heartbleed

Published:

The revelations last week about Heartbleed, a security flaw in common website protection mechanisms, has caused shockwaves across the Internet. Many experts (including ourselves) are advising web users to change sensitive passwords immediately because they may have already been stolen by hackers.

Here are a few tips to improve password security to protect yourself in future.

How to choose a good password

Believe it or not, but some people choose the silliest, and therefore easiest to hack passwords. The most common passwords in circulation are "123456", "password" and "qwerty", all of which are easily guessed. Other examples include the names of spouses, children or pets - again easily guessed and therefore insecure.

The key to a good password is choosing one that is at least eight characters long and includes upper and lowercase letters and numbers. For increased security you should avoid using dictionary words - "real" words - in favour of random looking groups of letters. It is however very important that you choose a password you can remember without writing it down anywhere.

Keeping your password safe

However, for maximum password security, you must not use the same passphrase for every website - if someone manages to get hold of your password, they could then access all your online accounts and you would be no better off.

Having said that, the use of similar passwords is perfectly acceptable, so long as you take care to keep them safe in your memory.

Once you have settled on a password, there are still some things you need to do to keep it safe:

  • Do not log in to your bank accounts, financial sites or social media accounts (or any sensitive websites for that matter) from a computer that is not yours. Internet cafes and kiosk PCs may be useful for checking your personal email on holiday, but they could also harbour malware that steals passwords.
  • Avoid using public WiFi. As convenient as public WiFi hotspots may be, there always remains the potential for someone to be intercepting your web traffic and stealing passwords.
  • Never write your passwords down. It sounds simple, but millions of people across the world still write their passwords on post-it notes stuck to their computer screen.
  • Investigate the use of a password management program. 1Password (and similar apps) provide a way to create and store extremely secure passwords across devices, making life much easier.

Remember that you will need to apply these same principles to every password for every website.

The Heartbleed security flaw continues to be a major problem for many websites, so it is very important that you change your passwords now. Using the tips above you should be able to create strong passwords that are much harder for criminals to "break", giving you an additional layer of security.

As always, you should give the Get Support team a call on 01865 594000 if you need assistance with passwords, or would like further advice on keeping your mobile workforce secure when connecting to the office network via public WiFi.

Get your instant IT support quote

Its a really quick and simple process. We have a few questions that will take you a couple of minutes to answer. Our system will generate your quote customised to your requirements and send it straight to your email. Click here if you'd like to read about our IT Support service.

What type of customer are you?

Contact Get Support

Get Support IT Services, we look after your IT so you don't have to Call us: 01865 59 4000

We use cookies to improve your experience on our site, measure the effectiveness of our marketing and to better market our services to you in the future. To accept the recommended setting, please click Accept or continue to browse this website. For more information & settings, click here to view our cookies policy
Thank you for accepting the recommended cookie settings, have been applied. You can change the settings from our Cookie Policy page.